Описание
Security update for Botan
This update for Botan fixes the following issues:
- CVE-2022-43705: Fixed validation of embedded certificates was when checking OCSP responses (boo#1205509).
Список пакетов
SUSE Package Hub 15 SP4
Botan-2.18.2-bp154.2.3.1
Botan-doc-2.18.2-bp154.2.3.1
libbotan-2-18-2.18.2-bp154.2.3.1
libbotan-2-18-32bit-2.18.2-bp154.2.3.1
libbotan-2-18-64bit-2.18.2-bp154.2.3.1
libbotan-devel-2.18.2-bp154.2.3.1
libbotan-devel-32bit-2.18.2-bp154.2.3.1
libbotan-devel-64bit-2.18.2-bp154.2.3.1
python3-botan-2.18.2-bp154.2.3.1
openSUSE Leap 15.4
Botan-2.18.2-bp154.2.3.1
Botan-doc-2.18.2-bp154.2.3.1
libbotan-2-18-2.18.2-bp154.2.3.1
libbotan-2-18-32bit-2.18.2-bp154.2.3.1
libbotan-2-18-64bit-2.18.2-bp154.2.3.1
libbotan-devel-2.18.2-bp154.2.3.1
libbotan-devel-32bit-2.18.2-bp154.2.3.1
libbotan-devel-64bit-2.18.2-bp154.2.3.1
python3-botan-2.18.2-bp154.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2022:10211-1
- SUSE Security Ratings
- SUSE Bug 1205509
- SUSE CVE CVE-2022-43705 page
Описание
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
Затронутые продукты
SUSE Package Hub 15 SP4:Botan-2.18.2-bp154.2.3.1
SUSE Package Hub 15 SP4:Botan-doc-2.18.2-bp154.2.3.1
SUSE Package Hub 15 SP4:libbotan-2-18-2.18.2-bp154.2.3.1
SUSE Package Hub 15 SP4:libbotan-2-18-32bit-2.18.2-bp154.2.3.1
Ссылки
- CVE-2022-43705
- SUSE Bug 1205509